I Can Meet with Dead Scientists-Chapter 331 - 194: The Advantage Is Mine! (8.8K)

Let's roll back time by half an hour.

After deciding to provide support to National Science University.

Xiaorong immediately contacted Wang Qingchen from USTC and obtained permission through Tian Liangwei for the school's board intervention.

Then, having the same system key.

The reinforcements from Ke Da quickly appeared on the 'battlefield' and swiftly secured precious repair time for National Science University.

Also, due to well-prepared measures.

Xiaorong and others not only smoothly took over the battlefield but also locked on to...

The opponent's IP through attack path jump boxes.

At this very moment.

In the Huadun Biotech's network security center, Xiaorong was briefing Xu Yun on the entire situation:

"Dr. Xu, actually with current technical means, tracing real IPs isn't an easy task. There are many irreversible steps."

"For example, physically destroying a certain hardware device in the process, or if the hacker only attacks once using Tor or I2P networks, etc."

"In such cases, the springboard machine cannot chase them, and one can only rely on the operation logs from service providers, which is very troublesome in practice."

"But this time, the opponent made a mistake... or their goal seems not just limited to breaking into our official website."

Xu Yun glanced at him, slightly tilting his head in confusion:

"Not just limited to breaking into the website? What does that mean?"

Xiaorong tapped a few keys on the keyboard, then pointed to the screen and said:

"Dr. Xu, look at this."

Xu Yun looked over as pointed, seeing a line of code on the screen:

localhost:8080/test?name=scriptalert.....

"This places JS code within the URL in the request parameter, directly targeting the National Science University's website backend."

Xiaorong first explained the usage of this string of code and then continued:

"This is a type of reflected XSS attack, which can form cross-site request forgery with CSRF, thereby obtaining a brief administration privilege."

"This admin privilege intercepts the JSON data that should be returned to the user and sends the data back to the malicious attacker, which we colloquially call JSON hijacking."

"In other words....."

"The opponent not only wants to crack our website but also aims to acquire our database."

Xu Yun's pupils shrank hard upon hearing this.

Even with his vast experience, he found himself unsettled at the moment:

"The database... damn, that's ruthless…."

USTC, as the only domestic university with two national laboratories, must have unimaginably important data stored in the cloud.

Indeed.

Those truly classified materials would certainly not be in a 24/7 online state, and corresponding defenses are not something that a sudden attack could breach.

But besides classified materials.

The university's database also holds a large amount of associate professor-level or higher experimental data or relevant reports.

Such data may not be top-secret but is still highly valuable, with significant amounts touching on cutting-edge research topics.

Unlike classified databases, these databases cannot operate offline.

Because many experimental results need to be recorded in real-time, and this won't follow a typical nine-to-five work schedule.

Late at night around nine or ten, or in the wee hours at two or three, could be prime times for results.

Thus, these lower-tier databases must be online, inherently high-risk and high-value attack targets.

For example, in December 2019, Germany's Justus Liebig University was hacked.

This is a top institution in Germany, with a long history, from which Wilhelm Röntgen graduated.

Back then, Justus Liebig University's database held out for only 12 minutes before being breached, losing a wealth of vital information.

This incident directly led to over a dozen top scholars with an H-index above 45 choosing to leave Justus Liebig University a year later and move elsewhere, with our domestic Jiaofu absorbing three of them.

Additionally, Northwestern Polytechnical University had its database attacked before, but the details are too sensitive to expand on.

Therefore, it is clear.

This time, the adversary...

Has a huge appetite.

Xiaorong paused, then continued explaining:

"For this reason, the opponent preset multiple feedback channels, intending to use them for data transmission."

"We traced through several of these jump boxes and eventually locked onto two of the most aggressive attack IPs."

Xu Yun became immediately interested upon hearing this and quickly inquired:

"Oh? Where? Across the sea?"

Xiaorong shook his head, his expression seemingly tinged with regret:

"Unfortunately, perhaps due to a lack of business overlap, the two IPs came from Kyoto University in Neon and Xini University in Australia."

"Neon and Xini?"

Xu Yun nodded thoughtfully.

Anyone familiar with the internet should know.

While it's difficult for IP tracing to pinpoint exact addresses, after breaking through disguises, tracing back to a general area is feasible.

As for why both IP addresses belong to universities...

It's actually quite simple.

Just like many hackers in China have been recruited by the government, abroad, many hackers have also secured institutional positions.

Every top university's network security center boss in the world, without exception, has left behind more or less legends in the civilian domain.

Moreover, high-tech enterprises often maintain close collaborations with one or more top universities, such as through recruitment or research.

This is the so-called integration of industry, academia, and research.